What are the 7 principles of GDPR?

The General Data Protection Regulation (GDPR) sets out to protect and enable the privacy rights of individuals in the European Union. The 7 key principles of GDPR are:

1. Lawfulness, fairness and transparencyPersonal data should be processed in a fair, legal, and transparent way.  with the individual’s consent or based on legitimate interests.

2. Purpose limitation: Personal data should be collected for specific, explicit, and legitimate purposes and not used in a way that is incompatible with these purposes.

3. Data minimisation: Personal data collected should be relevant and limited to what is necessary.

4. Accuracy: Personal data should be accurate and kept up to date. You should take steps to review and update the information when necessary.

5. Storage limitation: Personal data should be stored for as long as necessary for legitimate purposes and shouldn’t be kept indefinitely.

6. Integrity and confidentiality: Personal data should be stored safe and secure by implementing technical and organizational measures in place.

7. Accountability: Your organization is responsible for compliance with all the GDPR principles, and for demonstrating compliance if necessary.